Year: 2016

The number of times in the past that I have had to create self signed certificates is far too many to count! There have been various tools to help with it include IIS Server Management and the old standby MAKECERT utility. When I needed to create a couple new certificates for my Azure Drive Encryption…

The first thing I am going to do is setup a standard way to work with and store the solutions primary secrets and cryptographic materials. I find that as a developer I am called on to decide or at least make recommendations on how to handle implementations of protocols, tools and technologies that need access…

I am a strong believer in building security into the solution from the ground up in general but when it comes to IoT it is pretty much mandatory. There seems to be a consistent stream of exploits and attacks on connected devices so to properly defend my solution against this I will start any deployment…

Database, XML, CSV, JSON, INI and event to my horror hard coding are all techniques that I have seen for handling configuration information. With .NET, it has typically been the accepted practice of using the host mechanisms configuration management style, whether that is web.config, app.config or settings.xml and in general that has worked out fine…

Working with large scale distributed systems can be a challenge for the operations team whether it is handling capacity demands, scaling for cost, applying updates, rolling out new versions or keeping it safe and secure. Over the last two decades I have seen an ever-increasing demand for availability and uptime with an cyber attacks and…

As much as I enjoy coding I must constantly decide whether there is more value in writing a custom piece of code or taking one off the shelf that is supported and has had more eyes on it. A great example of this can be seen in the next few building blocks starting with this…

In Azure, just as most other shared resource situations, there are policies put in place to govern fairness of use (most limits can be found here). These limits are the best friend of solutions that do not over consume, protecting them from abusers etc., but must be handled appropriately by solutions that push up against them. Take…

Have you ever been working on debugging or diagnosing an issue and you need to get the time it takes to execute an external service call? I personally don’t want to use a stop watch, although it is a viable solution, when I already have the start time (DateTime.UtcNow) that I wrote to my logs, I just want…

I finished my retries building block, that should be good for basic handling of transient error conditions. When retries are used during throttling related to excessive load it creates the undesired side effect of increasing the load during the future retry attempt. This can result in prolonged throttling and in some cases unrecoverable situations. This sounds like a no…

In most systems, it is important to use retries in the case of failure. Obviously not all errors make sense to retry such as “invalid password” where there is a configuration or other change required before it will succeed. Retrying when there is no chance for success is a fool’s game! You are probably asking…